Osirium solves a critical privileged user security gap

10th May 2011

Osirium (https://osirium.com) announced today that its solution enables organisations to identify and remove hidden and unused privileged legacy accounts on IT devices and servers. This solves a critical security gap as many organisations are not even aware of these legacy accounts. They are hidden, unused and their original purpose is often unclear, which means that both disable or removal actions can pose a significant security risk.

A recent survey conducted by Harris Interactive discovered that that 10% of IT professionals who had moved on from a previous job, could still gain access to their former employee’s systems using their old account credentials. The survey highlights that organisations are just not aware of the number of legacy privileged accounts that remain ‘active’ in their own infrastructure, nor how they can be effectively removed or disabled. IT departments are also reluctant to delete or disable what appears to be a legacy account in-case it turns out to be a valid, but infrequently run, critical process.

“The legacy account issue has been with us for years. It’s a challenging problem to resolve and until now there hasn’t been a quick and efficient solution available, particularly across multi-vendor infrastructures” says Mark Kacary, Director, CiRRUS “ Osirium uses a systematic approach and with task automation, it greatly reduces the disruption and man-power needed to complete the task. Consequently the operational risks from legacy accounts being misused are removed.”

Using Osirium’s Privileged User & Infrastructure Management solution the company have put together a 6 stage process that organisations should follow to remove legacy accounts. This process covers

Identifying Suspected Privileged User Legacy Accounts

Identifying Valid Accounts Amongst Suspects

Disabling Legacy Privileged User Accounts

Backing-up before Deleting a Privileged User Legacy Account

Deleting a Privileged User Legacy Account

Schedule Privileged User Account Audits

“Legacy privileged user accounts are a major pain point in organisations as they just don’t have the resource time to effectively discover and then remove all these problematic legacy accounts’ says David Guyatt, CEO, Osirium ‘however by using Osirium, all the time consuming tasks are automated and then by following the process we’ve laid out, the legacy privileged user account issue can be once and for all resolved”

About Osirium

Osirium reduces operational risk and enables compliance and best practices to be met and maintained by providing policy-based access control and automating SysAdmin tasks such as configurations, back-up and recovery across a diverse range of multi-vendor devices and servers.